Zero Trust

Question 1

Zero Trust

Answer 1

Demanding of verification for every device, user, and transaction within the network, regardless of the origin

Question 1

What are the 2 Planes in the Zero Trust Model?

Answer 1

Control Plane and Data Plane

Question 2

Control Plane

Answer 2

Refers to the overarching framework and set of components responsible for defining, managing, and enforcing the policies related to user and system access within an organization

Question 3

Elements involved in the Control Plane Include:

Answer 3

Adaptive Identity, Threat scope reduction, Policy-driven access control, and secured zones

Question 4

Adaptive Identity

Answer 4

Relies on real-time validation that takes into account the user’s behavior, device, location, and more

Question 5

Threat Scope Reduction

Answer 5

Limits the user’s access to only what they need for their work tasks because this reduces the network’s potential attack surrface

Question 6

Point of Threat Scope Reduction

Answer 6

Focused on minimizing the “blast radius” that could occur in the event of a breach

Question 7

Policy-Driven Access Control

Answer 7

Entails developing, managing, and enforcing user access policies based on their roles and responsibilitiesS

Question 8

Secured Zones

Answer 8

Isolated environments within a network that are designed to house sensitive data

Question 9

Data Plane

Answer 9

Ensures that policies are properly executed

Question 10

Elements of the Data Plane

Answer 10

Subject/System, Policy Engine, Policy Administrator, Policy Enforcement Point